CVE-2025-69443

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.3 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L                                    

Vulnerability Description

Remote Code Execution in coleam00 Archon 0.1.0. A crafted HTML page, when accessed by a victim, can execute commands, run prompts on behalf of the user, control the Archon UI features, and steal all Archon information available on the UI including API keys.

Vulnerability Details

Published Date

May 14, 2026

Last Modified

May 15, 2026

CWE ID

CWE-94

Source

NVD

External References

https://github.com/coleam00/Archon
https://www.ox.security/blog/archon-remote-code-execution
https://www.ox.security/blog/cve-2025-69443-archon-os-vulnerable-to-unauthenticated-web-to-client-attack/

CVE-2025-69443

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment